
Intro to Offensive Security

Hack your first website (legally in a safe environment) and experience an ethical hacker’s job.

THM Room https://tryhackme.com/room/introtooffensivesecurity

TASK 1 : Hacking your first machine

When you’ve transferred money to your account, go back to your bank account page. What is the answer shown on your bank balance page?

The bank web app looks like this:

[Screenshot: Demo App]

Using gobuster to list the available directories:

```
ubuntu@tryhackme:~/Desktop$ gobuster -u http://fakebank.com -w wordlist.txt

=====================================================
Gobuster v2.0.1              OJ Reeves (@TheColonial)
=====================================================
[+] Mode         : dir
[+] Url/Domain   : http://fakebank.com/
[+] Threads      : 10
[+] Wordlist     : wordlist.txt
[+] Status codes : 200,204,301,302,307,403
[+] Timeout      : 10s
=====================================================
2022/05/02 17:42:49 Starting gobuster
=====================================================
/images (Status: 301)
/bank-transfer (Status: 200)
=====================================================
2022/05/02 17:42:58 Finished
=====================================================
```

Gobuster found a page for transferring money:

[Screenshot: Bank-transfer page]

Transfer $2000 from account 2276 to our account (8881):

[Screenshot: Bank-transfer form filled in]

[Screenshot: Bank-transfer success message]

Then check our account again:

[Screenshot: Bank account balance]

Answer : BANK-HACKED

If you were a penetration tester or security consultant, this is an exercise you’d perform for companies to test for vulnerabilities in their web applications; find hidden pages to investigate for vulnerabilities.
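From the other side of the table, a wordlist scan like the gobuster run above is noisy in the web server's access log. The following is an added example, not part of the room or this post: a small Python detector over constructed combined-format access-log lines (all addresses and paths invented) that flags a client producing a burst of distinct 404s, or presenting a scanner User-Agent, and lists the paths that client did find so a defender knows what to review.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample access-log lines in Apache/nginx "combined" format (not real traffic).
SAMPLE_LOG = """\
10.0.0.5 - - [02/May/2022:17:42:49 +0000] "GET /admin HTTP/1.1" 404 196 "-" "gobuster/2.0.1"
10.0.0.5 - - [02/May/2022:17:42:49 +0000] "GET /backup HTTP/1.1" 404 196 "-" "gobuster/2.0.1"
10.0.0.5 - - [02/May/2022:17:42:50 +0000] "GET /images HTTP/1.1" 301 178 "-" "gobuster/2.0.1"
10.0.0.5 - - [02/May/2022:17:42:50 +0000] "GET /login HTTP/1.1" 404 196 "-" "gobuster/2.0.1"
10.0.0.5 - - [02/May/2022:17:42:51 +0000] "GET /test HTTP/1.1" 404 196 "-" "gobuster/2.0.1"
10.0.0.5 - - [02/May/2022:17:42:51 +0000] "GET /bank-transfer HTTP/1.1" 200 2310 "-" "gobuster/2.0.1"
192.168.1.20 - - [02/May/2022:17:43:10 +0000] "GET / HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
192.168.1.20 - - [02/May/2022:17:43:40 +0000] "GET /missing HTTP/1.1" 404 196 "-" "Mozilla/5.0"
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "\S+ (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)

def parse_line(line):
    m = LOG_RE.match(line)
    if not m:
        return None  # not a combined-format line; skip it
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], "%d/%b/%Y:%H:%M:%S %z")
    rec["status"] = int(rec["status"])
    return rec

def find_enumeration(log_text, window_seconds=10, min_404s=4):
    """Flag clients with >= min_404s distinct missing paths inside any window_seconds span,
    or a known scanner User-Agent. Returns {ip: {burst, scanner_ua, discovered}}."""
    by_ip = defaultdict(list)
    for line in log_text.splitlines():
        if rec := parse_line(line):
            by_ip[rec["ip"]].append(rec)
    findings = {}
    for ip, recs in by_ip.items():
        misses = sorted((r for r in recs if r["status"] == 404), key=lambda r: r["ts"])
        burst = any(
            len({m["path"] for m in misses[i:]
                 if (m["ts"] - first["ts"]).total_seconds() <= window_seconds}) >= min_404s
            for i, first in enumerate(misses))
        scanner_ua = any("gobuster" in r["ua"].lower() for r in recs)
        if burst or scanner_ua:
            discovered = sorted({r["path"] for r in recs if r["status"] in (200, 301)})
            findings[ip] = {"burst": burst, "scanner_ua": scanner_ua, "discovered": discovered}
    return findings
```

The User-Agent check is the weakest signal, since a scanner can set any string it likes; the 404 burst is what to alert on, and the `discovered` list tells you which unlinked pages (here a money-transfer form) were reachable without authentication.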

No Answer.

Terminate the machine by clicking the red “Terminate” button at the top of the page.

No Answer.

TASK 2 : What is Offensive Security?

Read the above.

No Answer

TASK 3 : Careers in cyber security

Read the above, and continue with the next room!

No Answer.

This post is licensed under CC BY 4.0 by the author.